Yutaka Oiwa discovered a vulnerability in the Open Secure Socket Layer(OpenSSL) library that can allow an attacker to perform activeprotocol-version rollback attacks that could lead to the use of theweaker SSL 2.0 protocol even though both ends support SSL 3.0 or TLS1.0.

The following matrix explains which version in which distribution hasthis problem corrected.